Security+ Study Guide-01 Mastering Security Basics

Quiz
•
Computers
•
Professional Development
•
Medium

Alejandro Hidalgo
Used 12+ times
FREE Resource
15 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Management within your organization has defined a use case to support the confidentiality of data stored in a database. Which of the following solutions will BEST meet this need?
Hashing
Disk redundancies
Encryption
Patching
Answer explanation
Encryption is the best choice to provide confidentiality of any type of information, including data stored in a database.
Hashing supports a use case of supporting integrity.
Disk redundancies provide resilience and increase availability.
Patching systems increases availability and reliability
2.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
Apu manages network devices in his store and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, he creates hashes for these files and compares them with hashes he created on the same files the previous week. Which of the following use cases is he MOST likely supporting?
Supporting confidentiality
Supporting integrity
Supporting encryption
Supporting availability
Answer explanation
He is most likely using a use case of supporting integrity. By verifying that the hashes are the same on the configuration files, he is verifying that he files have not changed.
Confidentiality is enforced with encryption, access controls, and steganography.
Encryption is a method of enforcing confidentiality, and it doesn't use hashes. Availability ensures systems are up and operational when needed.
3.
MULTIPLE CHOICE QUESTION
30 sec • 2 pts
Which of the following is a cryptographic algorithm that will create a fixed-length output from a data file but cannot be used to re-create the original data file?
MD5
AES
IDS
SIEM
Answer explanation
Message Digest 5 (MD5) is a hashing algorithm that creates a fixed-length, irreversible output. Hashing algorithms cannot re-create the original data file from just the hash.
Advanced Encryption Standard (AES) is an encryption algorithm, and you can re-create the original data file by decrypting it.
An intrusion detection system (IDS) is not a cryptographic algorithm but it is a detective control.
A security information and event management (SIEM) system provides centralized logging.
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Your organization host an e-commerce web server selling digital products. The server randomly experiences a high volume of sales and usage, which causes spikes in resource usage. These spikes occasionally take the server down. Which of the following should be implemented to prevent these outages?
Elasticity
Scalability
Normalization
Stored procedures
Answer explanation
Elasticity is the best choice because it allows the server to dynamically scale up or out as needed in response to high resource usage.
Scalability isn't the best answer because it is done manually, however, the high resource usage is random and manually adding resources can't respond to the random spikes quick enough.
Normalization refers to organizing tables and columns in a database to reduce redundant data and improve overall database performance.
Stored procedures are a group of SQL statements that execute as a whole and help prevent SQL injection attacks.
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
An administrator recently installed an IDS to help reduce the impact of security incidents. Which of the following BEST identifies the control type of an IDS?
Preventative
Physical
Deterrent
Detective
Answer explanation
An intrusion detection system (IDS) is a detective control. It can detect malicious traffic after it enters a network.
A preventative control, such as an intrusion prevention system (IPS), prevent malicious traffic from entering the network. An IDS uses technology and is not a physical control.
Deterrent controls attempt to discourage a threat, but attackers wouldn't know if a system had an IDS, so the IDS can't deter attacks.
6.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
Maggie works in the security section of the IT department. Her primary responsibilities are to monitor security logs, analyze trends reported by the SIEM, and validate alerts. Which of the following choices BEST identifies the primary security control she's implementing?
Compensating
Preventative control
Detective control
Corrective control
Answer explanation
Monitoring security logs, analyzing trend reports from a security information and event management (SIEM), and validating alerts from a SIEM are detective controls. Detective controls try to detect security incidents after they happened. A compensating control is an alternative control used when a primary security control is not feasible or is not yet deployed.
Preventative controls attempt to prevent incidents, but the scenario doesn't specifically describe any preventative controls.
A corrective control attempts to reverse the impact of a security incident after it has happened.
7.
MULTIPLE CHOICE QUESTION
45 sec • 1 pt
A server in your network's DMZ was recently attacked. The firewall logs show that the server was attacked from an external IP address with the following socket: 72.52.230.233:6789. You want to see if the connection is still active. Which of the following would be BEST to use?
tracert
arp
netstat
dig
Answer explanation
The netstat command can be sued to display a list of open connections, including both the IP address and the port (or a socket). None of the other commands display active connections.
The tracert command list the routers between two systems.
The arp command shows the contents of the Address Resolution Protocol (ARP) cache.
The dig command can be used on Linux system to query Domain Name System (DNS) servers.
Create a free account and access millions of resources
Similar Resources on Wayground
10 questions
Subnetting Repaso

Quiz
•
Professional Development
10 questions
Network Fundamentals

Quiz
•
Professional Development
20 questions
pretest RPL jaringan

Quiz
•
Professional Development
10 questions
Sorular 11-20

Quiz
•
Professional Development
15 questions
Sec+ CH.1 Review Test

Quiz
•
Professional Development
20 questions
Part 3.4

Quiz
•
Professional Development
10 questions
OSI Model - Data Link Layer

Quiz
•
9th Grade - Professio...
15 questions
Clases IP

Quiz
•
Professional Development
Popular Resources on Wayground
15 questions
Hersheys' Travels Quiz (AM)

Quiz
•
6th - 8th Grade
20 questions
PBIS-HGMS

Quiz
•
6th - 8th Grade
30 questions
Lufkin Road Middle School Student Handbook & Policies Assessment

Quiz
•
7th Grade
20 questions
Multiplication Facts

Quiz
•
3rd Grade
17 questions
MIXED Factoring Review

Quiz
•
KG - University
10 questions
Laws of Exponents

Quiz
•
9th Grade
10 questions
Characterization

Quiz
•
3rd - 7th Grade
10 questions
Multiply Fractions

Quiz
•
6th Grade